how to get rid of pop ups flash mall

Hi,

I so appreciate your help but this did not get rid of the problem. I followed all the steps and got rid of all offending agents, etc. Emptied trash, rebooted. It was still there. I uninstalled chrome but found it lurking in Firefox. Seems not to be in Safari, so far. In Firefox, I seem to have isolated it and disabled it in the add-ons. It reads as disabled: flashmall1.1 0.95.8. I can't seem to figure out how to get the thing manually removed from the add ons and so far the browser seems to be virus free. But I fear it is lurking in other places on the computer. I have not yet re-installed chrome.

Any more suggestions?

Thanks,

WConquest

Nobody here knows what your problem is, and no instructions addressed to you have been posted as far as I can see. Piling onto an old thread started by someone else is not the right way to get help on this site. If you can't find a solution by searching the site for answered questions similar to yours, start your own thread. You'll have as much chance as anyone else of getting a useful response.

wendy conquest conquest wrote:

I so appreciate your help but this did not get rid of the problem.

Have you tried some of the other suggestions on this topic, such as my Adware Removal Guide? If not, try that now.

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

Linc often does not answer "me too" posts. In the future, it's best not to focus on trying to get help from one specific person here, and to start your own topic when you have a problem that existing suggestions haven't fixed.

In this case, you've got both adware and the scam software MacKeeper. To remove the adware, see my Adware Removal Guide.

As for MacKeeper, if you need additional information about why it is bad, see: Ongoing MacKeeper fraud. It should be uninstalled right away. Be sure not to replace it with any other "cleaning" software, as all cleaning software is completely unnecessary and is simply preying on users who don't know any better, or any other anti-virus software, which is also unnecessary (see my Mac Malware Guide).

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

Hi Thomas.

I've tried to uninstall mackeeper but can't find it in my applications or anywhere. I've also gone through much of your advice about removing adware but none of them are coming up, genieo etc when I go through your method. I've spent hours upon hours getting nowhere. Can you suggest anything please.

I went back through all Linc Davis's answers and finally got rid of the "nasties." I have been schooled in how to query the board and will attempt to follow protocol next time. However thanks for the detailed instructions. They worked and I will beware Flash imposters from now on. Thank you all.

Wendy

I see that you have AdwareMedic installed, but you must not have used it for a while, because you have an adware Safari extension that it has been aware of since late last month. You've also got a couple other adware components that I hadn't seen before, so I added signatures for those to AdwareMedic as well. If you scan with it again now, it should remove the adware. (Be sure you have a network connection when you run AdwareMedic, so it can download the latest adware signatures.)

If you still have a problem after scanning and removing the adware, see:

http://www.adwaremedic.com/kb/unsolved.php

Also, take a look here for information on how to avoid these adware infections again in the future.

http://www.thesafemac.com/mmg-defense/

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

I do not see a "start time" but it does say [Process Completed] , I did everything you said as above and also as above that. But found nothing with anything you named, The flash mall Icon is in my launchPad, but when I go to move it to the trash.. it will not let me throw it away. can you please help me with this

Thomas, you are an absolutely awesome person. This last run of your AdwareMedic took care of all these pesky adwares. I can see here that I'm not the only one infested with them, it is almost impossible to surf with Safari when they are in action. Thank you also for adding those unknown to you, glad you found those. I had not had AdwareMedic installed before I posted here, I just found the link here and installed it day before yesterday. I have struggles with these infestations for a while, you are correct there.

I made note of your links above, and will be more vigilant in the future. Thank you so much again. Now I have to find a good anti-virus program for Mac (10.8), all reviews I have read lately are so negative that I haven't installed one at all. I used to have Sophus on 10.6, (it is still there) but when they dropped that support with the version I had, the new reviews were awful. So all I have now is BitDefender Virus Scanner, kind of a cute little app. Better than nothing, I guess. Do you have any good suggestions that doesn't cost an arm and two legs. Even Norton gets bad reviews, go figure. I guess $40-50 per year isn't too bad for good virus protection when I think about it.

Take care! And thanks again!

Ingrid

There's no anti-virus software that will protect you well against adware. Adware seems not to be a high priority among anti-virus companies. The only thing that can reliably protect you from adware is to be more aware and cautious about what you're downloading.

If you do decide to install anti-virus software, I wouldn't recommend anything other than the free ClamXav at this time. But you shouldn't feel that installing that is necessary, nor should you assume that you are 100% safe with it installed... even with anti-virus software installed, you still must exercise the same level of caution!

Start time: 22:19:48 03/24/15

Revision: 1166

Model Identifier: MacBookPro11,1

System Version: OS X 10.10.2 (14C1514)

Kernel Version: Darwin 14.1.0

Time since boot: 11 minutes

Admin access: No

FileVault: On

Diagnostic reports

2015-03-09 GoatGame crash

2015-03-10 GoatGame crash

2015-03-11 GoatGame crash

Agents

com.apple.AirPortBaseStationAgent

com.apple.photostream-agent

com.google.keystone.system.agent

Applications

/Applications/Google Chrome.app

- com.google.Chrome

/Applications/Steam.app

- com.valvesoftware.steam

/Library/Application Support/Script Editor/Templates/Cocoa-AppleScript Applet.app

- com.apple.ScriptEditor.id.cocoa-applet-template

/Library/Application Support/Script Editor/Templates/Droplets/Droplet with Settable Properties.app

- com.apple.ScriptEditor.id.droplet-with-settable-properties-template

/Library/Application Support/Script Editor/Templates/Droplets/Recursive File Processing Droplet.app

- com.apple.ScriptEditor.id.file-processing-droplet-template

/Library/Application Support/Script Editor/Templates/Droplets/Recursive Image File Processing Droplet.app

- com.apple.ScriptEditor.id.image-file-processing-droplet-template

/Library/Image Capture/Devices/Canon IJScanner2.app

- jp.co.canon.ijscanner2.scanner.ica

/Library/Image Capture/Devices/Canon IJScanner4.app

- jp.co.canon.ij.ica.scanner4

/Library/Image Capture/Devices/EPSON Scanner.app

- com.epson.scanner.ica

/Library/Printers/EPSON/Fax/AutoSetupTool/EPFaxAutoSetupTool.app

- com.epson.ijfax.app.EPFaxAutoSetupTool

/Library/Printers/EPSON/Fax/FaxIOSupport/epsonfax.app

- com.epson.ijfax.app.epsonfax

/Library/Printers/EPSON/Fax/Filter/commandFilter.app

- com.epson.ijfax.filter.commandFilter

/Library/Printers/EPSON/Fax/Filter/rastertoepfax.app

- com.epson.ijfax.filter.rastertoepfax

/Library/Printers/EPSON/Fax/Utility/FAX Utility.app

- com.epson.ijfax.utility.FAXUtility

/Library/Printers/EPSON/Fax/Utility/Fax Receive Monitor.app

- com.epson.ijfax.app.FaxReceiveMonitor

/Users/USER/Applications/Garry's Mod.app

- N/A

/Users/USER/Applications/Goat Simulator.app

- N/A

/Users/USER/Desktop/Garry's Mod.app

- N/A

/Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_aohghmighlieiainnegkcijnfilokake/Default aohghmighlieiainnegkcijnfilokake.app

- com.google.Chrome.app.Default-aohghmighlieiainnegkcijnfilokake-internal

/Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_apdfllckaahabafndbhieahigkjlhalf/Default apdfllckaahabafndbhieahigkjlhalf.app

- com.google.Chrome.app.Default-apdfllckaahabafndbhieahigkjlhalf-internal

/Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo/Default blpcfgokakmgnkcojhhkbfbldkacnbeo.app

- com.google.Chrome.app.Default-blpcfgokakmgnkcojhhkbfbldkacnbeo-internal

/Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_coobgpohoikkiipiblmjeljniedjpjpf/Default coobgpohoikkiipiblmjeljniedjpjpf.app

- com.google.Chrome.app.Default-coobgpohoikkiipiblmjeljniedjpjpf-internal

/Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_pjkljhegncpnkpknbcohdijeoejaedia/Default pjkljhegncpnkpknbcohdijeoejaedia.app

- com.google.Chrome.app.Default-pjkljhegncpnkpknbcohdijeoejaedia-internal

/Users/USER/Library/Application Support/Steam/steamapps/common/GoatSimulator/GoatSimulator.app

- com.coffeestainstudios.goatsimulator

Frameworks

- N/A

PrefPane

- N/A

Bundles

/Library/Internet Plug-Ins/Unity Web Player.plugin

- com.unity.UnityWebPlayer

dylibs

/Users/USER/Library/Application Support/Google/Chrome/WidevineCDM/1.4.7.771/_platform_specific/mac_x64/libwidev inecdm.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/Awesomium.framework/Versions/Current/l ibplugin_carbon_helper.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/Awesomium.framework/Versions/A/lib plugin_carbon_helper.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/GameUI.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/ServerBrowser.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/bsppack.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/datacache.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/dedicated.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/engine.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/filesystem_stdio.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/gmod_audio.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/headtrack_oculus.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/inputsystem.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/launcher.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/libbass.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/libsteam_api.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/libtier0.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/libtogl.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/libvstdlib.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/materialsystem.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/scenefilecache.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/shaderapidx9.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/shaderapiempty.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/soundemittersystem.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/stdshader_dx9.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/studiorender.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/vaudio_speex.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/vgui2.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/vguimatsurface.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/video_quicktime.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/video_services.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/vphysics.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/bin/vtex_dll.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/client.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/game_shader_generic_garr ysmod.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/gmhtml.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/libholly.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/libholly_ogg.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/libholly_webm.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/lua_shared.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/menusystem.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/resources.dylib

/Users/USER/Library/Application Support/Steam/steamapps/common/GarrysMod/garrysmod/bin/server.dylib

Wi-Fi

Privacy: NONE

Parental Controls: On

User login items

iTunesHelper

- /Applications/iTunes.app/Contents/MacOS/iTunesHelper.app

Safari extensions

defaultsearch

- com.defaultsearch.safariext

iCloud errors

cloudd: 18

Restricted files: 98

Elapsed time (sec): 185

Try disabling the "defaultsearch" Safari extension. See:

http://www.adwaremedic.com/kb/browserextensions.php

If disabling it fixes the problem you're having - which I'm assuming are pop-ups from "Flash Mall" - don't delete it yet. I'd like to get a copy of it. In the Finder, choose Go to Folder from the Go menu, then enter the following path in the box:

~/Library/Safari/Extensions/

Then click the Go button. In the folder that opens, there will be one file with a name ending in ".safariextz" - if you could, please e-mail that file to thomas at thesafemac dot com.

Finally! I so appreciate this topic and solution. So tired of the ads! I don't really understand why they think shoving it in my face, capturing my screen and forcing me to see their products makes them think I will buy. I will not buy specifically because they do this. It's like walking through a third world bazaar where the merchants shout at you and grab your arm. sheesh!

I'm taking time to post this thank you and to say I believe my most recent onslaught of adware - specifically the Flash Mall Shopper came in when I updated my Flip for Mac which has apparently gone to the dark side. When installing I noticed a prompt to download MacKeeper. I hit the skip button but it must have downloaded the app anyway.

Gone now. Will be even more vigilant now. We live in the Matrix. I hate it.

I have been trying dilligently for over a week now to remove these horrible ad pop ups and banners after running my Mac Pro for about 5 years with zero invasive problems. Incidental to exploring the MacKeeper application I got nailed big time.by flash mall which was riding on the MacKeeper. Now I see why everyone is staying away from that MacKeeper Ap.

Thank you so much Linc. Followed your instructions and it appears I am now back to a nice clean machine. Lessons learned; do not go looking for greener grass unless you watch what you are stepping into.

You have some adware installed. See my Adware Removal Guide for help getting rid of it.

You also have a Safari extension called "serfsearch" that I suspect may be adware, but have never confirmed that. If that's not something you recognize, can you contact me privately? (See the "contact me" links at the bottom of any of the pages in my Adware Removal Guide.) Thanks!

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)